[57] ABSTRACT

A method for permitting access to secured computer resources based upon a two-piece user verification process. In the disclosed embodiment, the verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the user is required to provide an external token or smart card to the computer system. The token or smart card is used to store an authentication value(s) required to enable secured resources. The computer user is then required to enter a plain text user password. Separate passwords can be used to enable various portions of the computer system. Once entered, a one-way hash function is performed on the user password. The resulting hash value is compared to an authentication value (token value) downloaded from the token. If the two values match, the power-on sequence is completed and access to the computer system and/or secured computer resources is permitted. If the two values do not match, power to the computer system and/or secured computer resources is disabled. The authentication process requires the presence of both the user password and the external token in order to access protected computer resources.

20 Claims, 5 Drawing Sheets
METHOD FOR CONTROLLING ACCESS TO A COMPUTER SYSTEM BY UTILIZING AN EXTERNAL DEVICE CONTAINING A HASH VALUE REPRESENTATION OF A USER PASSWORD

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates to security in a computer system, and more particularly to permitting access to secured computer resources based upon a hash value representation of a plain text user password and a hash value stored in an external token.

2. Description of the Related Art

Today's businesses invest large amounts of money in hardware and software, and even more money is spent developing information contained in data files such as text documents and spreadsheets. Protecting such investments can be critical to the success and reputation of a business. Public accounts of the exploits of computer "hackers"—as malicious code-breakers or eavesdroppers are sometimes called—have therefore focused and magnified corporate desires for secure communications and better methods of protecting data. The scope of the problem is undoubtedly even more serious than reported, given the reluctance of many businesses to report security breaches. As a result, security conscious users are requesting that security and integrity features be incorporated into their computers to restrict access to data contained on hard drives, as well as information contained in other critical system components.

One known approach to security involves encryption or cryptography. Cryptography is typically used to protect both data and communications. Generally, the original message or data item is referred to as "plain text", while "encryption" denotes the process of disguising or altering a message in such a way that its substance is not readily discernable. An encrypted message is called "ciphertext". Ciphertext is returned to plain text by an inverse operation referred to as "decryption". Encryption is typically accomplished through the use of a cryptographic algorithm, which is essentially a mathematical function. The most common cryptographic algorithms are key-based, where special knowledge of variable information called a "key" is required to decrypt ciphertext. There are many types of key-based cryptographic algorithms, providing varying levels of security.

The two most prevalent cryptographic algorithms are generally referred to as symmetric (also called secret key or single key) algorithms and public-key (also called asymmetric) algorithms. The security of these algorithms is centered around the key, not the details of the algorithm itself. This makes it possible to publish the algorithm for public scrutiny and to incorporate it into security products.

One problem with key-based algorithms is speed. Public key algorithms, in particular, are typically on the order of 1,000 times slower than symmetric algorithms. Even symmetric algorithms can be slow when compared with so-called one-way functions (also known as "one-way hash functions").

Briefly, a typical one-way hash function, denoted H(M), operates on an arbitrary-length block of text or message M. The one-way hash function returns a fixed-length hash value, h, such that h=H(M), where h is of length m. One-way hash functions have special characteristics that make them one-way. Given M, for example, it is easy to compute h. Given h, it is hard to reverse the hashing process and compute M such that H(M)=h. Further, it is very difficult to find another message, M', such that H(M)=H(M'). In essence, the one-way hash function provides a "fingerprint" of M that is unique, and is therefore frequently used for purposes of authenticating the source of a message.

While much attention has been given to protecting and authenticating communications and data as they are transmitted via internal networks (intranets) and external networks (such as the Internet), fewer security improvements have focused on protecting the hardware itself. One known method of offering limited access to hardware and the data it contains is by the use of passwords. A password is typically stored in battery-backed CMOS RAM memory. Before the user is allowed access to the computer or secured computer resources, the user is required to enter a password. Once a password is entered, the computer's power-on routine compares the password to the password in CMOS memory and, if they match, the user is allowed access.

A main disadvantage of this system is that certain forms of attack can bypass the CMOS memory because in many cases it is not read protected. To address this concern, the password can be encoded. Many encoding schemes can be reverse engineered by a sophisticated computer virus or malicious code, however, potentially leading to a costly security breach. Further, the CMOS memory could simply be disconnected from its battery, causing the loss of the password and any other contents.

Physical keys or tokens, such as those used to unlock a door, have also been used to permit access to a computer system. Like the password approach, this type of security is "one-piece" in nature, and is compromised if the key or token is stolen. Anyone possessing the key can gain access to the computer's data and is accorded the same level of access as the authorized user.

Providing sufficient security can be particularly difficult for portable computers. Unlike their desktop counterparts, portable computers are easily stolen. Once stolen, the security afforded by physical keys or passwords used to protect data stored on a hard drive or other mass storage devices is readily bypassed. For example, it is a simple procedure to physically remove the hard drive unit from the stolen computer—which is password protected—and install it in a second computer system. Because the surrogate computer system may not employ password protection or the password may be known, the hard drive unit or other mass storage device becomes readily accessible to an unauthorized user and its data is vulnerable to theft and misuse.

To prevent unauthorized access of this type, the data may be encrypted before it is placed on the hard drive, rendering the data meaningless until it is decoded. Encryption, however, reduces the computer system's performance due to the delay associated with the encryption process. To confront this problem, hard drives and other storage devices have been created which prevent data access operations on the hard drive upon power-up until the user enters a password. The password is located on the disk itself to prevent bypassing the hard drive security by installation in a new computer system. This type of security, while generally effective, is again one-piece in nature and is only as secure as the password itself. Currently, there exists no satisfactory method of protecting vulnerable or stolen computer equipment and the data it might contain from unauthorized access.

SUMMARY OF THE INVENTION

Briefly, a computer system according to the invention utilizes a two-piece user verification procedure to enable
access to secured computer resources. In the disclosed embodiment of the invention, the password verification process is carried out during a secure power-up procedure. At some point during the secure power-up procedure, the computer system checks for the presence of an external token or smart card coupled to the computer system through special circuitry. The external token or smart card is used to store at least one authorization value needed to enable power to the computer system or access to secured resources.

Following detection of the external token, the computer user is required to enter a plain text user password. Separate passwords can be used to enable different portions of the computer system. Once entered, a one-way hash function is performed on the user password. The resulting hash value is compared to an authentication value (token value) downloaded from the token. If the two values match, the power-on sequence is completed and access to the computer system and/or secured computer resources is permitted. If the two values do not match, power to the entire computer system and/or secured computer resources is disabled.

By using a one-way hash function stored in the host computer system to perform hashing of a user-entered password, and then comparing the resulting value to a value stored in an external token, the user password value does not need to be stored in the host computer. Further, the two-piece nature of the authentication process adds security, due to the fact that if the external token is stolen it is of little value. Both pieces are required to access protected resources.

BRIEF DESCRIPTION OF THE DRAWINGS

A better understanding of the present invention can be obtained when the following detailed description of the preferred embodiment is considered in conjunction with the following drawings, in which:

FIG. 1 is a schematic block diagram of a computer system incorporating capabilities according to the present invention for securely comparing a hash value generated from a user password to an authentication value stored in an external token;

FIGS. 2A-2C are flowchart diagrams illustrating a secure power-on sequence according to the present invention for verifying user identity and enabling peripheral devices; and

FIG. 3 is a schematic diagram of an exemplary power supply constructed to receive shutdown signals from a computer system according to the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

The following patents and applications are hereby incorporated by reference.

Commonly-assigned U.S. Pat. No. 5,537,540, entitled "TRANSPARENT, SECURE COMPUTER VIRUS DETECTION METHOD AND APPARATUS", referred to as the "SAFESTART patent";

Commonly-assigned U.S. patent application Ser. No. 08/779,061, entitled "SECURITY CONTROL FOR A PERSONAL COMPUTER," filed on Mar. 3, 1995;

Commonly-assigned U.S. Pat. No. 5,375,243, entitled "HARD DISK PASSWORD SECURITY SYSTEM";

Commonly-assigned U.S. patent application Ser. No. 08/632,892, entitled "SECURE POWER SUPPLY," filed on Apr. 16, 1996, now U.S. Pat. No. 5,751,950; and

Commonly-assigned U.S. patent application Ser. No. 08/657,982, entitled "METHOD AND APPARATUS FOR PROVIDING SECURE AND PRIVATE KEYBOARD COMMUNICATIONS IN COMPUTER SYSTEMS", filed on May 29, 1996, now U.S. Pat. No. 5,745,888.

Referring first to FIG. 1, a computer system S according to the present invention is shown. In the preferred embodiment, the system S incorporates two primary buses: a Peripheral Component Interconnect (PCI) bus P which includes an address/data portion and a control signal portion; and an Industry Standard Architecture (ISA) bus I which includes an address portion, a data portion, and a control signal portion. The PCI and ISA buses P and I form the architectural backbone of the computer system S.

A CPU/memory subsystem 100 is connected to the PCI bus P. The processor 102 is preferably the Pentium® processor from Intel Corporation, but could be an 80486 or any number of similar or next-generation processors. The processor 102 drives data, address, and control portions 116, 106, and 108 of a host bus HB. A level 2 (L2) or external cache memory 104 is connected to the host bus HB to provide additional caching capabilities that improve the overall performance of the computer system S. The L2 cache 104 may be permanently installed or may be removable if desired. A cache and memory controller 110 and a PCI-ISA bridge chip 130 are connected to the control and address portions 108 and 106 of the host bus HB. The cache and memory controller chip 110 is configured to control a series of data buffers 112. The data buffers 112 are preferably the 82433LX from Intel, and are coupled to and drive the host data bus 116 and a MD or memory data bus 118 that is connected to a memory array 114. A memory address and memory control signal bus is provided from the cache and memory controller 110.

The data buffers 112, cache and memory controller 110, and PCI-ISA bridge 130 are all connected to the PCI bus P. The PCI-ISA bridge 130 is used to convert signals between the PCI bus P and the ISA bus I. The PCI-ISA bridge 130 includes: the necessary address and data buffers, arbitration and bus master control logic for the PCI bus P, ISA arbitration circuitry, an ISA bus controller as conventionally used in ISA systems, an IDE (intelligent drive electronics) interface and a DMA controller. A hard disk drive 140 is connected to the IDE interface of the PCI-ISA bridge 130. Tape drives, CD-ROM devices or other peripheral storage devices (not shown) can be similarly connected.

In the disclosed embodiment, the PCI-ISA bridge 130 also includes miscellaneous system logic. This miscellaneous system logic contains counters and activity timers as conventionally present in personal computer systems, an interrupt controller 111 (FIG. 3) for both the PCI and ISA buses P and I, and power management logic. Additionally, the miscellaneous system logic may include circuitry for a security management system used for password verification and to allow access to protected resources as described more fully below.

The PCI-ISA bridge 130 also includes circuitry to generate a "soft" SMI (System Management Interrupt), as well as SMI and keyboard controller interface circuitry. The miscellaneous system logic is connected to the flash ROM 154 through write protection logic 164. As discussed below, separate enable/interrupt signals are also communicated from the PCI-ISA bridge 130 to the power supply 180 and the hard drive 140. Preferably, the PCI-ISA bridge 130 is a single integrated circuit, but other combinations are considered within the scope of the invention.

A series of ISA slots 134 are connected to the ISA bus I to receive ISA adapter cards. A series of PCI slots 142 are
similarly provided on the PCI bus P to receive PCI adapter cards. These types of expansion slots are well known to those skilled in the art.

A video controller 165 is also connected to the PCI bus P. Video memory 166 is used to store graphics data and is connected to the video graphics controller 165 and a digital/analog converter (RAMDAC) 168. The video graphics controller 165 controls the operation of the video memory 166, allowing data to be written and retrieved as required. A monitor connector 169 is connected to the RAMDAC 168 for connecting a monitor 170.

A network interface controller (NIC) 122 is also connected to the PCI bus P. Preferably, the controller 122 is a single integrated circuit that includes the capabilities necessary to act as a PCI bus master and slave, as well as circuitry required to act as an Ethernet interface. Attachment Unit Interface (AUI) and 10 base-T connectors 124 are provided in the system S, and are connected to the NIC 122 via filter and transformer circuitry 126. This circuitry forms a network or Ethernet connection for connecting the computer system S to a local area network (LAN).

A combination I/O chip 136 is connected to the ISA bus I. The combination I/O chip 136 preferably includes a real time clock, two UARTS, a floppy disk controller for controlling a floppy disk drive 138, and various address decode logic and security logic to control access to an internal or external CMOS/NVRAM memory (not shown) and stored password values. Further details of contemplated uses of the NVRAM memory are provided below. Additionally, a control line is provided to the read and write protection logic 164 to further control access to the flash ROM 154. Serial port connectors 146 and parallel port connector 132 are also connected to the combination I/O chip 136.

An 8042, or keyboard controller, is also included in the combination I/O chip 136. The keyboard controller is of conventional design and is connected in turn to a keyboard connector 158 and a mouse or pointing device connector 160. A keyboard 159 is connected to the computer system S through the keyboard connector 158.

A buffer 144 is connected to the ISA bus I to provide an additional X-bus X for various additional components of the computer system S. A flash ROM 154 receives its control, address and data signals from the X-bus X. Preferably, the flash ROM 154 contains the BIOS information for the computer system and can be reprogrammed to allow for revisions of the BIOS.

In the computer system S of FIG. 1, all electronic devices discussed above, including the processor 102, are powered by a regulated power supply 180. In the preferred embodiment, the regulated power supply has a power supply supervisory circuit that provides shutdown capability via power supply control signals SHUTDOWN1 and SHUTDOWN2 (FIG. 3). The power supply 180 receives an AC voltage supply via an AC plug 192 (FIG. 3).

In the disclosed embodiment, the computer system S contains circuitry for communicating with a removable security token 188. The precise physical nature of the token 188 is not considered critical to the invention. The token can take many forms, such as a Touch Memory™ device supplied by Dallas Semiconductor, Inc., a smart card, or an encryption card. Preferably, the token 188 is easily decoupled from the computer system S and easily transportable by the token bearer. As discussed in more detail below, the token 188 contains hash value representations of user passwords; the hash of a plain text user password is typically required to match an authentication value stored in the token for user verification. The token 188 is capable of communicating digitally with the computer system S. Although not limited to such a device, the token 188 of the disclosed embodiment is also capable of storing the authentication value(s) in a nonvolatile manner.

In the disclosed embodiment of the invention, the circuitry used for establishing a communication link between the token 188 and the computer system S consists of a probe 186 connected to a COM or serial port adapter 184. The port adapter 184 is connected to the RS232 connector 146. Alternatively, the port adaptor 184 could interface with an application specific integrated circuit (ASIC). In operation, the token 188 is detachably coupled to the probe 186. The probe 186 includes circuitry for reading and writing memory in the token 188, and can be fully powered through the RS232 connector 146. In addition, the probe 186 includes presence detector circuitry for ascertaining the presence of a token 188.

An additional feature of the computer system S is a System Management Mode (SMM), which is generally known to those skilled in the art. It is also noted that FIG. 1 presents an exemplary embodiment of the computer system S and it is understood that numerous other effective embodiments could readily be developed as known to those skilled in the art.

Referring now to FIGS. 2A-2C, an exemplary power-on sequence incorporating two-piece user verification according to the invention is shown. The sequence builds upon a secure power-up procedure, such as that described in the SAFESTART patent. Briefly, the SAFESTART procedure reduces the administrative requirements of earlier security measures. A reserved non-DOS hard disk partition is used to pre-boot the computer system and provide a secure environment from which to verify files. Upon power-up or reset, the computer performs the power-on self test (POST), during which it checks a SAFESTART track by comparing its hash value to a value stored in NVRAM. If the integrity of the SAFESTART track is verified, the first "SAFESTART" routine is loaded into memory and executed. The SAFESTART routine first checks the master boot record and boot sectors of the hard disk. This verification captures a large majority of viruses and is performed before any code residing in those areas is executed, thus preventing the spread of any discovered viruses. Further checks are performed on SAFESTART files before each is executed. Eventually, system files and any additional designated user files are verified. Since the computer system was booted from an atypical partition, the drives are remapped to account for the shift in logical disk drive addressing. When the verification process is completed, SAFESTART files are cleaned up, a latch is set to prevent unauthorized modification of the initial hash values, and control is returned to the BIOS to boot the user operating system. Thus, a computer system implemented according to the SAFESTART patent insures that designated software and passwords are trustworthy following a power-up cycle.

As shown in FIG. 2A, when power to the computer system S is initially applied or the system undergoes a cold restart, the POWER-ON sequence 200 is commenced. In the first step 202 of the POWER-ON sequence 200 the computer system S begins executing from BIOS ROM. The BIOS is preferably stored in flash ROM 154 and contains low level programming for booting the operating system, and an
interrupt handler for accessing the hard drive 140. Control then proceeds to step 204 where the computer system S performs a power-on self test (POST) to determine if all system hardware is operating properly.

Following additional power-on steps (optional), control next proceeds to step 206 for commencement of a secure power-up procedure such as that described in the SAFESTART patent. In the disclosed embodiment, operating sequences for the secure power-up procedure are configured as an option ROM and located in the option ROM address space in a conventional manner. Preferably, the operating sequences are provided as the last option ROM in order to allow any other option ROM's to be installed at the outset. The system BIOS executes this portion of the secure power-on sequence as a part of its scan for option ROMs, which are executed when encountered in POST. This arrangement requires address decoding for the power-on sequence, but also simplifies distribution into a family of computer systems. Alternatively, the power-on sequence could be implemented as a direct call from the BIOS, rather than an option ROM call.

Control next proceeds to step 208 to determine if a token 188 is present. If the aforementioned presence detection circuitry determines that a token is not present, control loops to step 210 to display a message requesting that the user provide a token 188. When a token 188 is present, as determined in step 208, control passes to step 212 where the user is prompted to enter a plain text power-on password. As an alternative to a memorized value, the plain text password could be generated with the aid of biometrics. For example, a scanned fingerprint could be converted into a plain text password value. Further, the precise ordering of steps 208-212 is not considered critical to the invention.

Control next proceeds to step 214 and a one-way hash function is performed on the plain text password entered by the user to create a "power-on hash value". Examples of different one-way hash functions that are suitable for use in the invention include: Snefru, N-Hash, MD4, MD5, MD2, and the Secure Hash Algorithm (SHA). Most of these algorithms and the respective strengths and weaknesses of each are well known to those skilled in the art. As used in this disclosure, the term "secure hash value" or "hash value" refers generally to a value generated by an integrity assessment code (or a one-way hash function) that is specific to a given password. Of importance to the invention is that each password has a corresponding value.

Differentiating valid passwords from invalid passwords is one application to which one-way hash functions are particularly well suited, due in part to speed of operation. One-way hash functions can be orders of magnitude faster than many of the popular encryption algorithms. Another advantage of one-way hash functions is uniformity of length between resulting hash values. One-way hash functions are typically constructed such that a password of any length produces a hash value of a predetermined length. In the disclosed embodiment of the invention, the one-way hash function produces a hash value that is at least 160 bits in length. A hash value of this length reduces the effectiveness of brute-force attacks against the one-way hash function. Following generation of the power-on hash value, control proceeds to step 216 and an authentication value (hereinafter "power-on token value") is retrieved from token 188 via the RS232 connector 146 or an alternate connection port. Control then proceeds to step 218 of FIG. 2B and the power-on hash value is compared to the power-on token value.

Alternatively, the power-on hash value could be communicated to the token 188 (in step 216) for comparison to the stored value. In this embodiment of the invention, the token 188 is required to have computational capabilities, as well as the capability to communicate the results of the comparison to the computer system S.

If the encrypted password and the stored value are not equal as determined in step 218, control proceeds to step 220 and the power supply 180 is disabled. The resulting delay associated with re-booting the computer system S discourages brute force attacks against the user password in situations in which the external token has been misappropriated. Several other options are available at this point. In one contemplated embodiment of the invention, the core components needed to boot the computer system S are powered by one supply voltage, while other secured components are powered by a second supply voltage. A bifurcated power supply 180 according to this embodiment of the invention is discussed in greater detail in conjunction with FIG. 3. Devices powered by the second supply signal might include bay door/case locks and mass storage devices. Under this arrangement, the second power supply signal is initially disabled, but is turned on following detection of a valid power-on hash value. The power-on hash value used for this operation can be the same value generated in step 214, or a separate hash value that is generated at a later point (even outside of the secure power-up procedure). By requiring entry of a valid power-on password before enabling power to peripheral devices or unlocking bay door/case locks, the possessor of a stolen computer will usually be forced to physically damage the computer casing before gaining access to secured resources. The value of stolen computer equipment is thereby reduced, and computer theft is discouraged.

As shown in FIGS. 2B and 2C, the secure power-up procedure can also include steps that provide password security for specified peripheral devices or other secured computer resources. In the disclosed embodiment of the invention, an exemplary procedure for gaining access to a single secured peripheral device begins at step 222 following detection of a valid system password in step 218. In step 222, a specified peripheral device is polled to determine if it is password enabled.

One device that can be secured in accordance with the invention is a disk drive such as that described in the previously incorporated patent entitled "HARD DISK PASSWORD SECURITY SYSTEM." In a conforming disk drive, unauthorized access is prevented by placing an access password value on the disk drive itself. When the computer system is powered up, the disk drive unit is in a LOCKED state and demands that the password value be downloaded before access is allowed. No access to the disk drive—other than to wipe all of the data from the drive or to check the drive's status—is permitted until the password value stored on the disk drive is received. If the user attempts to gain access to the disk drive by removing the drive from the original computer and placing it in another system, the disk drive remains inaccessible. Because the password value is located on a secure portion of the disk drive instead of in the system CMOS, the disk will remain LOCKED regardless of the computer system in which it is installed. Protection is also included for preventing an unauthorized user from bypassing the security system by simply swapping the firmware controlling the disk drive.

If a disk drive or other secured peripheral is password enabled as determined in step 222, control passes to step 224
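The power-on portion of the sequence (steps 208 through 220) can be modelled in a few dozen lines. The following Python is an added example and not code from the patent or its assignee: the `Token`, `Probe`, `PowerSupply` classes and the `secure_power_up` function are constructed stand-ins for the token 188, the probe 186 with its presence detector, the bifurcated power supply 180, and the option-ROM sequence; SHA-1 is assumed as the one-way hash because it yields the 160-bit digest the disclosed embodiment calls for, although the text names several suitable functions; and the constant-time comparison (`hmac.compare_digest`) is an implementation choice beyond what the text specifies. The `can_compute` flag models the alternative embodiment in which the token performs the comparison itself and reports the result to the host.

```python
"""Two-piece power-on verification modelled after steps 208-220 (added example)."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


def power_on_hash(plain_text_password: str) -> bytes:
    """Step 214: one-way hash of the user-entered plain text password.

    SHA-1 is an assumption: it gives the 160-bit digest the disclosed
    embodiment calls for, but the text lists several suitable functions.
    """
    return hashlib.sha1(plain_text_password.encode("utf-8")).digest()


@dataclass
class Token:
    """External token 188: holds the stored authentication value only."""
    power_on_token_value: bytes
    can_compute: bool = False  # alternative embodiment: token compares itself

    def verify(self, candidate: bytes) -> bool:
        """Token-side comparison for a token with computational capability."""
        if not self.can_compute:
            raise RuntimeError("token cannot compare values itself")
        return hmac.compare_digest(self.power_on_token_value, candidate)


@dataclass
class Probe:
    """Serial-port probe 186 with presence detector (constructed stand-in)."""
    token: Optional[Token] = None

    def token_present(self) -> bool:
        return self.token is not None


@dataclass
class PowerSupply:
    """Bifurcated supply 180: the core rail boots the system, the secured
    rail stays off until a valid power-on hash value has been seen."""
    core_enabled: bool = True
    secured_enabled: bool = False


def provision_token(plain_text_password: str, can_compute: bool = False) -> Token:
    """Write the hash of the chosen password into a fresh token; the host
    keeps neither the password nor its hash."""
    return Token(power_on_hash(plain_text_password), can_compute)


def secure_power_up(probe: Probe, supply: PowerSupply,
                    entered_password: Optional[str]) -> str:
    """Run steps 208-220 once and report the outcome as a status string."""
    if not probe.token_present():          # step 208: token present?
        return "REQUEST_TOKEN"             # step 210: ask the user for the token
    if entered_password is None:
        return "REQUEST_PASSWORD"          # step 212: prompt for the password
    candidate = power_on_hash(entered_password)   # step 214
    token = probe.token
    if token.can_compute:
        matched = token.verify(candidate)  # hash sent to the token for comparison
    else:
        # steps 216-218: token value retrieved, compared on the host
        matched = hmac.compare_digest(candidate, token.power_on_token_value)
    if not matched:
        supply.core_enabled = False        # step 220: power supply disabled
        supply.secured_enabled = False
        return "POWER_DISABLED"
    supply.secured_enabled = True          # second rail enabled after a valid hash
    return "ACCESS_GRANTED"


if __name__ == "__main__":
    token = provision_token("correct-horse")   # constructed sample password
    print(secure_power_up(Probe(None), PowerSupply(), "correct-horse"))
    print(secure_power_up(Probe(token), PowerSupply(), "wrong"))
    print(secure_power_up(Probe(token), PowerSupply(), "correct-horse"))
```

Note what the host never holds: `secure_power_up` receives only the probe and the supply, so a host with no token attached has nothing to compare against, which is the property the summary relies on when it says the user password value does not need to be stored in the host computer.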
and the peripheral is examined to determine if it is locked. Preferably, the peripheral is locked each time power to the computer system S is cycled. If the specified peripheral device is not locked (i.e., the peripheral password is the same as the power-on hash value generated in step 214), or if the peripheral device is not password enabled, control proceeds to step 226 and any remaining steps in the secure power-up procedure are completed.

If the peripheral device is locked, a two-piece user authentication process is initiated. Control first proceeds to step 228 and an optional attempt counter is cleared. Control then passes to step 230 (FIG. 2C) and the computer user is prompted to enter a plain text peripheral password. Next, in step 232, a one-way hash function is performed on the plain text peripheral password, creating a "peripheral hash value".

In the disclosed embodiment of the invention, control next passes to step 234 where another authentication value (hereinafter "peripheral token value") is retrieved from token 188 via the RS232 connector 146 or an alternate connection port. Control then proceeds to step 236 where the peripheral hash value and the peripheral token value are compared. If the two values match, control passes to step 238 and the peripheral hash value is downloaded to the secured peripheral for comparison to a value stored in the peripheral device's memory. Alternatively, an enable signal could be provided directly to the secured peripheral at step 238. In either case, the peripheral device remains in a locked state if the peripheral hash value does not match the value stored in the peripheral device's memory. By storing the valid encrypted password value in the peripheral device's local memory, the peripheral device can be moved to another computer system S and yet require the same peripheral password, one-way hash function, and token 188 for access.

After the peripheral hash value is downloaded to the

black box security device, a command to protect secured resources is issued to the security device. The command prevents unauthorized access to any of the secured resources. To access a secured resource, the user must thereafter provide the correct authentication value to the black box security device. The security device can only verify—but does not divulge—the authentication value, thereby enhancing system security. A multitude of hash values or other information can be protected with the black box security device.

If a plain text password is entered for hashing during normal computer operation, access to the black box security device can be provided by a secure keyboard communications channel that utilizes the system management mode (SMM) of the processor 102. One such mechanism is described in previously incorporated "METHOD AND APPARATUS FOR PROVIDING SECURE AND PRIVATE KEYBOARD COMMUNICATIONS IN COMPUTER SYSTEMS." In this invention, a request for secure keyboard communications causes the computer's processor to enter into SMM. The SMI handler then directs specialized hardware to intercept and divert keyboard interrupts, such that data entered via the keyboard is only communicated to the aforementioned non-readable black box security device. The secured keyboard communications channel prevents critical data entered through a keyboard from being intercepted by malicious software code, such as a virus masquerading as a screen saver or device driver. Keystrokes are not visible to any other processes, and the black box security device can be configured such that it is only written in this manner.

By utilizing the secure keyboard link, the plain text passwords required to access different features or memory spaces of a secured resource can be entered in a secure fashion without the time delays associated with the secure

peripheral device, the peripheral device is polled in step 240 power-on procedure. The two-piece authentication process 

to determine if it is still locked. If it is not locked, control can also be configured for use with Plug and Play devices, 

passes to step 248 and the secure power-up procedure is It should be observed that in each of the embodiments of 

completed. If the peripheral device is still locked, or the the invention described above, the user authentication or 

peripheral hash value and the peripheral token value do not 4Q password verification process is two-piece in nature. Neither 

match as determined in step 236, control instead passes to the password nor the hash value need be stored in the 

step 242 to determine if the maximum number of allowed computer system under this two-piece authentication 

attempts (shown as 3) at generating the correct peripheral scheme. If either the user password or the external token is 

password has been reached. If not, the attempt counter is misappropriated, it is of little value. Both pieces are required 

incremented in step 244 and control then returns to step 230 45 before secured computer resources can be accessed. In 

where the user is prompted to enter a new plain text addition, the scope of the invention not considered to be 

password. If the maximum number of attempts is reached, limited to the disclosed secure power-up procedure, 

control proceeds to step 246 for display of an optional error Likewise, the precise ordering of the power-up steps is not 

message. Control then passes to step 248 and the secure considered critical to the invention, 

power-up procedure is completed. 5Q Referring now to FIG. 3, a schematic diagram of a power 

It is also contemplated that the two-piece user authenti- supply 180 according to the invention is shown. The power 
cation process could be accomplished outside of a secure supply 180 is capable of being disabled by the computer 
power-up procedure. In this embodiment of the invention, system. As mentioned above, the PCI-ISA bridge 130 con- 
peripherals are unlocked during normal system operation. tains an interrupt controller/power supply control circuit 
Access to secured computer resources is again controlled by 55 111. The interrupt controller/power supply control circuit 
the comparison of a peripheral password hash value and an 111 provides a pair of power supply control signals SHUT- 
authentication value stored in the token 188. The compari- DOWN1 and SHUTDOWN2 to the power supply 180. The 
son and hashing operation occurs in the secured computer power supply 180 is connected to an AC voltage source W AC 
resource or in secure memory such as that disclosed in the through an AC plug 192. A power supply status signal 
previously incorporated "SECURITY CONTROL FOR A 60 POWERGOOD is also provided as is conventional in com- 
PERSONAL COMPUTER" which describes a security puter system power supplies, 

device (hereinafter referred to as the "black box" security i n the disclosed embodiment, the power supply 180 is 

device). capable of providing a pair of supply voltages V^^ and 

Briefly, the black box security device controls access to V^^. Enablement of the power supply voltages V ocl , and 

various secured resources of the computer system, such as 65 V^^ is controlled by the power supply control signals 

the flash ROM 154 or any designated hardware devices. SHUTDOWN1 and SHUTDOWN2, respectively. These 

After a password hash value has been downloaded to the power supply control signals SHUTDOWNl and SHUT- 
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D0WN2 are asserted or deasserted as necessary to enable/ 
disable the supply voltages V^j, and V Z>C2 . 
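The peripheral unlock flow of steps 228 through 248 (attempt counter cleared, password prompt, one-way hash, comparison with the token value, download to the peripheral, poll of the lock state), written out as an added example; this is not code from the patent, and the class names, the SHA-1 digest (claim 8 says only "SHA"), the constant-time comparison and the `prompt` callback are assumptions.

```python
# Added example, not the patent's code: a model of the FIG. 2C peripheral
# unlock flow (steps 228-248). Class names, SHA-1 as the "SHA" of claim 8,
# the constant-time compare and the prompt callback are assumptions.
import hashlib
import hmac
from typing import Callable

MAX_ATTEMPTS = 3  # step 242: maximum allowed attempts, "shown as 3"


def one_way_hash(plain_text_password: str) -> bytes:
    """Step 232: one-way hash of the plain text peripheral password."""
    return hashlib.sha1(plain_text_password.encode("utf-8")).digest()


class Token:
    """External token 188: stores only the peripheral token value."""

    def __init__(self, peripheral_token_value: bytes) -> None:
        self._value = peripheral_token_value

    def read_peripheral_token_value(self) -> bytes:
        """Step 234: value retrieved over the RS232 connector 146."""
        return self._value


class SecuredPeripheral:
    """Drive that is locked at every power cycle and keeps the valid
    hash in its own local memory, so it can move between systems."""

    def __init__(self, stored_hash: bytes) -> None:
        self._stored_hash = stored_hash
        self.locked = True

    def download_hash(self, peripheral_hash: bytes) -> None:
        """Step 238: the drive compares the downloaded hash itself; the
        host never learns the stored value, only the lock state."""
        if hmac.compare_digest(peripheral_hash, self._stored_hash):
            self.locked = False


def unlock_peripheral(token: Token, peripheral: SecuredPeripheral,
                      prompt: Callable[[], str]) -> str:
    """Steps 228-248; returns 'unlocked' or 'max_attempts'."""
    attempts = 0  # step 228: optional attempt counter cleared
    while True:
        peripheral_hash = one_way_hash(prompt())  # steps 230 and 232
        token_value = token.read_peripheral_token_value()  # step 234
        if hmac.compare_digest(peripheral_hash, token_value):  # step 236
            peripheral.download_hash(peripheral_hash)  # step 238
            if not peripheral.locked:  # step 240
                return "unlocked"  # step 248
        # token mismatch, or drive still locked: step 242
        attempts += 1  # step 244
        if attempts >= MAX_ATTEMPTS:
            return "max_attempts"  # step 246 (error message), then 248
```

The third scenario in the comments, a drive carried in from another system, shows why the poll in step 240 matters: the token value can match the typed password while the drive's own stored hash does not, and the flow must treat that as a failed attempt.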

When the computer system S is initially powered up, the
supply voltage V_DC1 provides power to the core system
components required to boot the computer system S. As
discussed in conjunction with FIGS. 2A and 2B, failure to
successfully complete the verification process causes V_DC1
to be disabled. The supply voltage V_DC2 can be provided to
secure system resources such as mass data storage devices or
bay door/case lock activation circuitry. Again, provision of
this supply voltage to the secured resources is predicated
upon successful completion of the two-piece user authenti-
cation process.

The precise manner in which the power supply control
signals SHUTDOWN1 and SHUTDOWN2 are generated is
not considered critical to the invention, and a number of
computer system components S could be utilized. By way of
example, the power supply control signals could be gener-
ated by interrupt techniques similar to those disclosed in the
previously incorporated "SECURE POWER SUPPLY." In
addition, it is contemplated that the supply voltages V_DC1
and V_DC2 could be enabled or disabled external to a secure
power-up routine.

Certain of today's computers incorporate various "health
meters" used to disable the computer when necessary to
prevent damage to system components. In such systems, the
computer can be configured to turn itself off if temperature
exceeds a specified level (as may happen if a cooling fan
fails) or other potentially harmful conditions are detected. In
yet another contemplated embodiment of the present
invention, the power supply 180 is disabled by generating
false signals indicative of such a condition.

In power supplies 180 which do not incorporate control
signal inputs, one of the power supply control signals
SHUTDOWN1 or SHUTDOWN2 can be used as an actua-
tion signal to cause a switch 190 to break the connection
between the power supply 180 and the AC plug 192 in the
event of an unsuccessful user verification process. In this
embodiment, a first end of the AC plug 192 is connected to
one end of the switch 190, while a second end of the plug
192 is connected to a second AC input of the power supply
180. A second end of the switch 190 is connected to the first
AC input of the power supply 180. When closed, the switch
190 provides an electrical connection for the AC voltage
from the AC plug 192 to the power supply 180.

Thus, a method has been described for permitting access
to secured computer resources based upon a two-piece user
verification process. At some point during a secure power-up
procedure, the computer user is required to provide an
external token or smart card to the computer system. The
computer user is then required to enter a plain text user
password. Separate passwords can be used to enable various
portions of the computer system. Once entered, a one-way
hash function is performed on the user password. The
resulting hash value is compared to a value downloaded
from the token. If the two values match, the power-on
sequence is completed and access to the computer system
and/or secured computer resources is permitted. The two-
piece nature of the user verification process is advantageous
due to the fact that if either the user password or the external
token is stolen, it is of little value. Both pieces are required
to access protected resources.

The foregoing disclosure and description of the invention
are illustrative and explanatory thereof, and various changes
in the size, shape, materials, components, circuit elements,
wiring connections and contacts, as well as in the details of
the illustrated circuitry and construction and method of
operation may be made without departing from the spirit of
the invention.

What is claimed is:

1. A method for permitting access to secured resources in
a computer system incorporating circuitry for communicat-
ing with an external token that includes an authentication
value, the computer system further incorporating a secure
power-up procedure or other secure operating mode, the
method comprising the steps of:

providing a plain text user password to the computer
system while the computer system is in a secure period
of operation, the secure period of operation being
independent of the external token;

performing a one-way hash function on the plain text user
password to produce a hash value;

communicatively coupling the external token to the com-
puter system;

comparing the hash value with the authentication value
stored in the external token, the comparison occurring
in the computer system; and

enabling access to a secured internal computer resource in
response to the result of said step of comparing the hash
value with the authentication value stored in the exter-
nal token.

2. The method of claim 1, wherein the secure period of 
operation includes a secure power-up procedure. 

3. The method of claim 1, wherein said step of comparing 
the hash value with the authentication value stored in the 
external token occurs in secure computer memory. 

4. The method of claim 1, wherein said step of comparing 
the hash value with the authentication value stored in the 
external token occurs in the secured computer resource. 

5. The method of claim 1, wherein said step of performing 
a one-way hash function on the plain text user password to 
produce a hash value occurs in secure computer memory. 

6. The method of claim 1, wherein the external token is a 
smart card. 

7. The method of claim 1, wherein the external token is a 
Touch Memory™ device. 

8. The method of claim 1, wherein the one-way hash 
function is SHA. 

9. A method for enabling or disabling power in a computer 
system incorporating circuitry for communicating with an 
external token that includes an authentication value, the 
computer system further incorporating a secure power-on 
process or other secure operating mode and a power supply 
providing at least one power supply voltage to computer 
system components, the method comprising the steps of: 

providing a plain text user password to the computer 
system while the computer system is in a secure period 
of operation, the secure period of operation being 
independent of the external token; 

performing a one-way hash function on the plain text user
password to produce a hash value;

communicatively coupling the external token to the com- 
puter system; 

comparing the hash value with the authentication value 
stored in the external token; and 

enabling or disabling at least one power supply voltage in 
response to the result of said step of comparing the hash 
value with the authentication value stored in the exter- 
nal token. 

10. The method of claim 9, wherein said step of enabling
or disabling at least one supply voltage comprises disabling
all power supply voltages in the computer system if the hash
value is not equal to the authentication value stored in the
external token.

11. The method of claim 9, wherein the external token is 
a smart card. 

12. The method of claim 9, wherein the external token is 
a Touch Memory™ device. 

13. A computer system having security capabilities that 
operate in conjunction with an external token containing an 
authentication value, the computer system further having 
system memory and a secure power-on process or other 
secure operating mode, comprising: 

a system bus;

a processor coupled to said system bus;

communication circuitry coupled to said processor for
communicating with the external token;

a secured internal computer resource coupled to said
processor;

security code stored in a processor readable medium for 
causing the processor to perform the steps of: 
receiving a plain text user password while the computer 
system is in the secure operating mode, the secure 
operating mode being independent of the external 
token; 

performing a one-way hash function on the plain text 
user password to produce a hash value; 

receiving the authentication value from the external 
token; 

comparing, in the computer system, the hash value with 
the authentication value stored in the external token; 
and 

enabling or disabling said secured computer resource in 
response to the result of said step of comparing the 
hash value with the authentication value stored in the 
external token. 

14. The computer system of claim 13, wherein said secure 
operating mode is a secure power-on procedure. 

15. The computer system of claim 13, wherein said 
communication circuitry is configured to communicate with 
a smart card. 

16. The computer system of claim 13, wherein said 
communication circuitry is configured to communicate with 
a Touch Memory™ device. 
17. The computer system of claim 13, wherein said
secured computer resource is a disk drive.

18. A computer system having security capabilities that
operate in conjunction with an external token containing an
authentication value, the computer system further having
system memory and a secure power-on process or other
secure operating mode, comprising:

a system bus;

a processor coupled to said system bus;

communication circuitry coupled to said processor for
communicating with the external token;

a power supply providing at least one power supply
voltage to computer system components;

power-on code stored in a processor readable medium for
causing the processor to perform the steps of:
receiving a plain text user password while the computer
system is in the secure operating mode, the secure
operating mode being independent of the external
token;

performing a one-way hash function on the plain text
user password to produce a hash value;

receiving the authentication value from the external
token;

comparing, in the computer system, the hash value with
the authentication value stored in the external token;
and

enabling or disabling at least one power supply voltage
from said power supply in response to the result of
said step of comparing the hash value with the
authentication value stored in the external token.

19. The computer system of claim 18, wherein said step
of enabling or disabling at least one supply voltage com-
prises causing the processor to disable all power supply
voltages in the computer system if the hash value is not
equal to the authentication value stored in the token.

20. The computer system of claim 18, wherein said step
of enabling or disabling at least one supply voltage com-
prises causing the processor to enable a power supply
voltage to a portion of the computer system if the hash value
is equal to the authentication value stored in the token.

***** 